Oakland Privacy and the Fight for Community Control

Many groups in the Electronic Frontier Alliance work to ensure that their neighbors have the tools they need to maintain control of their information. Others devote their efforts to community organizing or advocacy, assuring that authorities respect the civil and privacy rights of people in their community. For over four years, Oakland Privacy has been a notable example of the latter.

Initially organizing as the Occupy Oakland Privacy Working Group, Oakland Privacy began meeting in July of 2013, with a mission to stop Oakland’s Domain Awareness Center (DAC). The DAC, first approved by the City of Oakland City Council as a port security monitoring system, was moving toward approval of a second phase by the Summer of 2013. Phase II would have expanded the DAC into a city-wide surveillance apparatus that would have combined feeds from cameras, microphones, and other electronic monitoring assets throughout the city. Local authorities and their partners would have had an unprecedented ability to surveil the people of Oakland.

As one might expect, the proposal raised significant concerns for Oakland residents.

Oakland Privacy members recognized that a successful campaign would require a broad coalition of local partners and national civil rights advocates. Working with organizations such as Lighthouse Mosque, ONYX/Anti-Police Terror Project, Justice for Alan Blueford, and the Dan Siegel for Mayor Campaign, Oakland Privacy stopped the DAC's expansion beyond the Port of Oakland.

Can you give us some background about the Oakland Privacy Working Group?

The founding members of the Oakland Privacy Working Group were the remaining Occupy players who were still around in town. Even though the main Occupy Movement had wound down, there were still a lot of activists around focusing on militarization and surveillance issues such as Urban Shield. So when the citywide surveillance network showed up on the Public Safety agenda in July of 2013, a whole bunch of alarm bells went off. The founding members got together and formed what they thought was just a temporary group to raise awareness and try to kill the Domain Awareness Center.

How did you jump from reactive organizing to sustained offensive organizing? How do you preserve the urgency and maintain the participation rate?

As the DAC proceeded, we basically spent all our resources on building a coalition and trying to get as many people as we could to slow the process down and derail it. That ultimately succeeded.

We also got an unexpected side benefit. When the DAC was scaled back and the funding eliminated, on March 4th, 2014, they created an ad-hoc citizens commission to craft a privacy policy for the skeletal remains of the project that were left in place to address port infrastructure equipment.

I participated on that committee, along with the members of the ACLU, EFF, and a good cross-mix of Oakland citizens. We crafted a policy, and along with that, we sent up a number of recommendations to the council for approval. One of those was the creation of a standing privacy commission. Oakland Privacy lobbied heavily for that along with other allies. We were also able to get members appointed to the commission. Since then, we've been able to bring this model to other entities throughout the Bay Area.

It’s very hard for law enforcement, or anyone else, to say that transparency is not good, or that there shouldn't be any oversight, or that there shouldn't be public hearings. So we have these arguments that people would have a hard time defeating, and have been able to bring this approach throughout the entire Bay Area. They’re all in different stages of the project, but this public vetting process is in place throughout the greater Bay Area.

Can you tell us about your current police oversight campaign?

What we’re working on right now is a surveillance equipment ordinance. We have a dedicated core group of volunteers who watch the agenda items of legislative bodies across the Bay Area. If surveillance equipment pops up we can address it. We can go lobby elected officials and say, ‘we need to have a discussion about this.'

The main project itself is codifying the process. The Domain Awareness Center was shoved down the public’s throat before they even knew what it was, and before we discussed privacy. We’re now flipping that on its head. We're having the public conversation at the beginning, about whether this is appropriate or not for the community, and if so how should it be regulated? What sort of use policy is going to govern it?

We're maintaining oversight and then also forcing law enforcement to come back after the fact and report on how they used it. They have to demonstrate the efficacy, maybe make amendments to the policy if there have been any violations, and actually demonstrate that the equipment is achieving its purpose.

I suspect that some of this equipment is snake oil, and it's not going to be able to stand up to scrutiny once it has to start demonstrating the hard numbers that should go with it. That ordinance project is in play with at least seven government entities in the Bay Area.

You just mentioned that you are work on legislation in so many different regions of the Bay Area. Palo Alto, Oakland, Berkeley. How do you manage the workload?

I think Oakland Privacy just has the benefit of having a really amazing group of people, but the strong skill set that we’ve been implementing is coalition building. Yes, maybe sometimes we are kind of the spearpoints, but we’re obviously way too small to have a dramatic impact by ourselves.

So, if we’re in Santa Clara, we’re trying to get South Bay folks to work with us. If we’re in Berkeley, we have to get groups that are already present in Berkeley. One of the most valuable things we’ve been doing is bringing constituents in each specific district when we go to talk to a council member or a board of supervisors. One of the things they’re not shy about is saying ‘why are you guys talking to us, you’re an outsider,’ if it’s a non-Oakland entity. They want to know what their own constituents think.

Something we’ve really been focusing on lately is making sure we have people in those specific jurisdictions to come to our meetings with us, people who share the same concerns that we have and are paying attention to the same agenda items.

We’re lucky that in California, under the Brown Act, most of these things have to be posted publicly. Most of them require legislature to enter into a contract, or to accept funds, or to purchase equipment. So, that gives us a bite at the apple. We have an opportunity to show up and oppose (or at least comment on) the concerns that we have and to try to get a seat at the table and have an impact.

With social media, you can quickly raise awareness and get online and ask people to show up, and more often than not they do. I think once you show people how to do that, just as far as agenda watching and public records requests, which go along with it, other people can replicate the model.

How would one successfully be able to monitor all the Agendas for the various city meetings?

Lately, we’ve been talking to a lot of allies about helping with this, simply for their own knowledge, because they’re missing items, and later they hear it from us or EFF. It actually doesn't take too much time. It’s unfortunately manual labor, but we just go to the agendas, whether it's a public safety committee or a finance committee, and just pull up the agenda which is often posted a week or two ahead of time. Look for items of interest.

We’ve got seven or eight folks in the Oakland Privacy Working Group that do that for the Greater Bay Area on a regular basis. Once we see something like a Stingray or License Plate Reader acquisition, we can alert folks in that area that there’s something they want to talk to their council member about. Honestly, I spend maybe a half an hour a week. It’s actually not that time consuming once you know where the most likely committees are.

Working so closely with legislative bodies have there been any lessons learned that you would like to share?

I think that the vast majority of elected leaders are completely uneducated about what this equipment can do, and why there are civil liberties concerns about it. They don’t know whether it works, and they just blindly approve these things. They’re on the consent calendar most of the time. Almost everything I’ve worked with has started on the consent calendar, meaning there's no real debate, there’s no discussion. It’s just approved in a mass vote.

Once we began to educate the council on the Domain Awareness Center, that's when they started postponing votes. With Alameda County, we started raising concerns about the Stingray and how it can intercept content, and they postponed votes.

I think with such a low approval of Congress, that trickles down to the local level. Most folks just miss this really golden opportunity to inform people who do really care about what their constituents think. It starts with educating them. You need to understand the equipment, do the research, get the public records that you can in your possession and make a coherent argument. They’re often responsive, and even if they’re not, they can at least tone down, or narrow the use of the equipment to where it’s less alarming than where it was before.

If someone is concerned about surveillance and offensive tools, that are being procured by their local law enforcement, what are some things that person can do beyond letter writing?

Another tool that we use is public record requests. Almost every state has some sort of Sunshine or public requests law. Some local entities also have Sunshine Ordinances. That’s what really broke the Domain Awareness story wide open.

We had thousands of their internal documents, and we analyzed them and drew a lot of media attention to it. At the time, the Domain Awareness Center was being sold to us as this big crime-fighting tool, yet none of their internal documents talked about crime fighting at all, and it did specifically talk about targeting Occupy Oakland. So, we were able to use that to a huge advantage in showing the civil liberties concerns about that project. Again, when I say that elected leaders aren't informed, they’re often not reading those big lengthy agenda packets where some of this material was submitted to them.

The Hailstrom is an example where there has been material submitted lately, because it's been required under some of the new judicial oversight or legislation that’s been passed, and they're still not following that down the trail as far as they should. So, we keep pushing and keep educating them, to show them where the alarming parts are, and then you can incorporate that in your letters, or in your public comments, or in your letter to the editor, and it just makes your argument that much better. When you’re a small group or an activist or an individual, don't be afraid to reach out to the professionals. Before Oakland Privacy got going at all, naturally we had to send out SOS calls to EFF, the National Lawyers Guild, ACLU, whoever we could find to help us slow it down.

I remember being asked that question at a panel earlier. ‘When do you call in the muscle? At the finish line or the beginning?’ I think for small groups or individuals, call in the muscle when you can at the beginning. Get them to help you slow it down, to challenge it, to raise awareness, so that you can get your foot in the door and start educating people. That can give you time to submit public record acts and more time to build a coalition.

It’s been a really beneficial relationship to have local small community groups that can show up and speak on every item, but also to have the big muscle behind you if you need it. It’s been a really good 1-2 combo here in the Bay Area, and there are groups like that all across the U.S. that you can get to help you.

Though initially organized to stop one explicit threat to the privacy and civil rights of their neighbors, Oakland Privacy continues its efforts within Oakland while also supporting neighboring communities. Their model of coalition building, monitoring local council agendas, and mobilizing community support when necessary provides a strong example of how strategic planning and cooperation can prove fruitful in the face of what often feels like overwhelming obstacles and challenges.

A misguided bill in Georgia (S.B. 315) threatens to criminalize independent computer security research and punish ordinary technology users who violate fine-print terms of service clauses. S.B. 315 is currently making its way through the state’s legislature amid uproar and resistance that its sponsors might not have fully anticipated...

Communities across the United States are considering strategies to protect residents’ access to information and their right to privacy. These experiments have a long history, but a new wave of activists have been inspired to seek a local response to federal setbacks to Internet freedom, such as the FCC’s decision...

With our coalition partners, we submitted a letter in support of Berkeley's proposed Surveillance Technology Use and Community Safety Ordinance. Now more than ever, local leaders have a special responsibility to protect vulnerable residents from suspicionless monitoring and the creation of databases exploitable for discriminatory ends.

After the 2016 U.S. election, the prospects for digital rights under the incoming administration seemed particularly grim. A silver lining in this dark cloud has been the concerted efforts we’ve seen by groups working to defend digital rights at the local level. Over the past year, a growing network of...

Update [6/8/2017]: This post was updated to include a quote from a local organizer and the names of several supporting local organizations.
On Thursday night, the capital of the smallest state in the union adopted a wide-ranging police reform measure with national and historic implications. The Providence City Council...

On May 9, the Public Safety Committee of the Oakland City Council voted unanimously to approve a proposed “Surveillance and Community Safety Ordinance.” The measure, passed on to the Council by the city’s Privacy Advisory Commission, is modeled on a law enacted in spring 2016 by Santa...